GDP Privacy Policy

Bal Maiden Studio Glass- Data Protection and Privacy Policy

In line with the new General Data Protection Regulations (GDPR ),  Bal Maiden Studio Glass has updated its Privacy Policy to ensure we comply fully with new regulations.  Please see our Privacy Policy below.


Bal Maiden Studio Glass Privacy policy


This privacy policy sets out how the Bal Maiden Studio Glass uses and protects any information that you give us when you join us as a student or customer or when you join our mailing list or use our website (, our Facebook page or any other social media site that we administer.


Bal Maiden Studio Glass is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using our website, then you can be assured that it will only be used in accordance with this privacy statement.


Bal Maiden Studio Glass may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 1st May 2018.


Data we collect


Bal Maiden Studio Glass collect information about your name and email address, and your postal address where it is provided by you on our database. Where we acquire such information through emails sent to us, through people visiting our website, or through our Facebook page or other social media sites, or any other communication method, we use this information only to respond to the specific enquiries or messages, after which it is deleted unless a specific request is received from you to join our mailing list. Accordingly, we only send emails about our workshops, classes and activities to people who have agreed to be on our mailing list. Please be aware that our Facebook page and any other social media sites we may use are open page sites and we are not responsible for any personal information that is placed there by visitors, nor are we responsible for how that information is used by other visitors to those sites. Where we do collect and process personal information for non-subscribers we do so only on a temporary basis and solely for the purpose of making a response, and our legal basis for doing so is that of Consent and Legitimate Interest as defined by GDPR.



Opting in to receive information by email


Subscribers are asked to tick a box on the course application form to indicate that they are willing to receive relevant information, opportunities & events from Bal Maiden Studio Glass. subscribers may choose to unsubscribe at any time by emailing their request to


What we collect


We may collect the following information:

  •         name and job title;
  •         contact information including email address;
  •         demographic information such as postcode, preferences and interests;
  •         other information relevant to member surveys and/or offers;
  •         details about any contact you make with us;
  •         details of your visit to our website and any resources you access. This may include your IP



Sensitive Data


We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union subscribership, information about your health and genetic and biometric data.


We do not collect any information about criminal convictions and offences.


Where we are required to collect personal data by law, or under the terms of the contract between us and you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver goods or services to you). If you don’t provide us with the requested data, we may have to cancel a product or service you have ordered but if we do, we will notify you at the time.


We will only use your personal data for a purpose it was collected for or a reasonably compatible purpose if necessary. For more information on this please email us at In case we need to use your details for an unrelated new purpose we will let you know and explain the legal grounds for processing.


We may process your personal data without your knowledge or consent where this is required or permitted by law.


We do not carry out automated decision making or any type of automated profiling.


What we do with the information we gather


We require this information to understand our customers needs and to provide them with a better service, and in particular for the following reasons:


Student term dates and renewal reminders.

Internal record keeping.

We may use the information to improve our products and services.

We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.

From time to time, we may also use subscribers information to contact them for market research purposes. We may contact subscribers by email, phone, fax or mail, although contact will invariably be by email in order to keep our costs low.


We may use the information to customise the website according to our subscribers interests.


Sending emails with useful information and event flyers


Bal Maiden Studio Glass uses the services Googlemail, Mailchimp, and Get Response  to email useful information and event flyers to its subscribers. Googlemail  Mailchimp, and Get Response  is based in the USA. subscribers’ emails, first and last names are stored on Googlemail, Mailchimp, and Get Response’s server along with information on subscribers’ responses to the emails we send. We collect this information to help us better tailor the emails we send to our subscribers. You can see further information on Googlemail, Mailchimp, and Get Response privacy policy here: subscribers who wish to unsubscribe from these emails can do so using the link provided at the bottom of all our emails or by contacting Bal Maiden Studio Glass directly at



We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.


How we use cookies


A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets us know when you visit our website. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.


We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to our subscribers’ needs. We only use this information for statistical analysis purposes and then the data is removed from the system.


Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.


You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, this may prevent you from taking full advantage of the website.


International Transfers


Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.


Some of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.


These non-EEA third parties services may include email, email marketing, accounting, legal and data security software, cloud storage, payment tools, online diaries, social media tools, video conferencing and project management tools.


Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is in place:

  • We will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data; or
  • Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
  • If we use US-based providers that are part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place.


If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.


We may also receive data from third parties such as analytics providers, social media network advertisers, technical, payment and delivery services, such as data brokers or aggregators, including such companies as Google, and Facebook et al – which are based outside the EU.


Links to other websites


Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.




Controlling your personal information


You may choose to restrict the collection or use of your personal information in the following ways:

  •         whenever you are asked to fill in a form on the website, look for the box that you can click

to indicate that you do not want the information to be used by anybody for direct marketing


  •         if you have previously agreed to us using your personal information for direct marketing

purposes, you may change your mind at any time by emailing us at

We will not sell, distribute or lease your personal information to third parties.


In certain circumstances we may be required to share your data with third parties as set out below:


  • Service providers who provide IT and system administration services to us.
  • Our professional advisers including lawyers, bankers, auditors and insurers.
  • Government bodies that require us to report processing activities, or wish to inspect our records for any reason.
  • Third parties to whom we sell, transfer, or merge parts of our business or our assets and/or other third parties such as market researchers and fraud prevention agencies.


We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.


Your Legal Rights


You have the right to request details of personal information which we hold about you under the Data Protection Act 1998. If you would like a copy of the information held on you please send your email request to


If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible, at We will promptly correct any information found to be incorrect.


You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.


We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.


We try to respond to all legitimate requests within one month. However, our administrators are a voluntary group of individuals so please allow us sufficient time to deal with your correspondence or enquiry. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests.


If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues ( We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.


You may obtain further information about your rights at the ICO Website.


Further information


If you have any problems or queries contact our Administrator at


Our privacy policy covers Noreen Todd, Bal Maiden Studio Glass and its website, as well as our Facebook page and any other social media arenas we choose to use now or in the future.


Organisation details


Bal Maiden Studio Glass is an unincorporated sole trader entity which is run by Noreen Todd, and is not required to be registered in any way in the United Kingdom. Contact with us can be made using the information shown on the website, or by emailing to


Within the current GDPR definitions our Data Controller and Data Processors are:


Data Controllers: Data Processors:
Noreen Todd Noreen Todd

  Get Response

Mail Chimp